Tuesday, June 12, 2018

HTTPS redirect on WLC

Hi all,

First post here...

We have had 7-10 users in the past week or two explain that they can't connect to our guest wireless network anymore. We have a web authentication page that pops up when they try to connect and just asks them to accept the terms and conditions. Since Google updated Chrome to version 67 Chrome only uses HTTPS which has caused issues. Our web authentication page uses HTTP so the page times out. Cisco TAC said that I should turn on HTTPS redirect and that would fix my issue. However, there is a major flaw with implementing this that would affect all users connecting to our guest wireless SSID.

https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/118826-config-https-webauth-00.html

" The warning message "certificate is not issued by a trusted certificate authority." appears on the browser after you configure the https-redirect feature. This is seen even if you have a valid root or chained certificate on the controller as shown in Figure 1 and Figure 2. The reason is that the certficiate you installed on the controller is issued to your virtual IP address. "

So if I enable HTTPS redirect all users will receive the security alert whenever they try to connect. Cisco TAC also gave me another option of using a different browser than Chrome (which I know won't sit well with users and isn't an option for others who have Google phones).

Does anyone have any ideas for me?



No comments:

Post a Comment